Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-23481 |
0 (3.1)
|
Out-of-Bound Read in xrdp |
neutrinolabs |
xrdp |
2022-12-09T17:50:24.280Z | 2025-04-23T16:29:49.845Z |
| CVE-2022-23482 |
0 (3.1)
|
Out-of-Bound Read in xrdp |
neutrinolabs |
xrdp |
2022-12-09T17:50:39.075Z | 2025-04-23T16:29:43.350Z |
| CVE-2023-20057 |
0 (3.1)
|
A vulnerability in the URL filtering mechanism of… |
Cisco |
Cisco Email Security Appliance (ESA) |
2023-01-19T01:32:32.802Z | 2024-08-02T08:57:35.557Z |
| CVE-2023-23608 |
0 (3.1)
|
spotipy Path traversal vulnerability that may lead to … |
spotipy-dev |
spotipy |
2023-01-24T02:39:32.471Z | 2025-03-10T21:20:38.544Z |
| CVE-2023-31007 |
0 (3.1)
|
Apache Pulsar: Broker does not always disconnect clien… |
Apache Software Foundation |
Apache Pulsar |
2023-07-12T09:07:03.227Z | 2024-10-08T13:35:57.720Z |
| CVE-2023-33182 |
0 (3.1)
|
Nextcloud Contacts photos only sanitized if mime type … |
nextcloud |
security-advisories |
2023-05-30T04:58:07.669Z | 2025-01-10T19:59:11.557Z |
| CVE-2024-22213 |
0 (3.1)
|
Cross-site Scripting when sending HTML as a comment in… |
nextcloud |
security-advisories |
2024-01-18T19:11:40.584Z | 2024-11-13T19:21:11.400Z |
| CVE-2024-27088 |
0 (3.1)
|
es5-ext Regular Expression Denial of Service in `funct… |
medikoo |
es5-ext |
2024-02-26T16:50:05.714Z | 2024-08-09T18:21:21.894Z |
| CVE-2024-32037 |
0 (3.1)
|
GeoNetwork vulnerable to search end-point information … |
geonetwork |
core-geonetwork |
2025-02-11T21:50:29.138Z | 2025-02-12T15:37:46.364Z |
| CVE-2024-3570 |
0 (3.0)
|
Stored XSS leading to Admin Account Takeover in mintpl… |
mintplex-labs |
mintplex-labs/anything-llm |
2024-04-10T17:08:15.109Z | 2024-08-01T20:12:07.798Z |
| CVE-2024-38526 |
0 (3.1)
|
pdoc embeds link to malicious CDN if math mode is enabled |
mitmproxy |
pdoc |
2024-06-25T23:53:54.677Z | 2025-02-13T17:53:15.493Z |
| CVE-2024-38537 |
0 (3.1)
|
Inclusion of Untrusted polyfill.io Code Vulnerability … |
ethyca |
fides |
2024-07-02T19:50:10.275Z | 2024-08-02T04:12:24.976Z |
| CVE-2024-43359 |
0 (3.1)
|
XSS vulnerabilities in montagereview |
ZoneMinder |
zoneminder |
2024-08-12T20:49:28.130Z | 2024-08-13T17:05:24.009Z |
| CVE-2024-48925 |
0 (3.1)
|
Umbraco CMS Improper Access Control Vulnerability Allo… |
umbraco |
Umbraco-CMS |
2024-10-22T15:27:23.998Z | 2024-10-22T15:50:31.093Z |
| CVE-2024-50356 |
0 (3.1)
|
Press has a potential 2FA bypass |
frappe |
press |
2024-10-31T18:02:42.440Z | 2024-11-01T13:51:00.632Z |
| CVE-2024-50633 |
0 (3.1)
|
A Broken Object Level Authorization (BOLA) vulner… |
CERN |
Indico |
2025-01-16T00:00:00.000Z | 2025-02-18T21:00:48.454Z |
| CVE-2024-51736 |
0 (3.1)
|
Command execution hijack on Windows with Process class… |
symfony |
symfony |
2024-11-06T20:51:38.536Z | 2024-11-21T23:23:26.713Z |
| CVE-2024-57965 |
0 (3.1)
|
In axios before 1.7.8, lib/helpers/isURLSameOrigi… |
axios |
axios |
2025-01-29T00:00:00.000Z | 2025-01-29T14:14:23.882Z |
| CVE-2025-11173 |
0 (4.0)
|
Reauth for enabling 2FA can be bypassed by submitting a form |
Wikimedia Foundation |
OATHAuth |
2026-02-03T00:27:45.487Z | 2026-02-03T21:08:02.478Z |
| CVE-2025-11261 |
0 (4.0)
|
Stored i18n XSS exposed by security patch for T402077 |
Wikimedia Foundation |
MediaWiki |
2026-02-03T00:25:00.761Z | 2026-02-03T21:07:11.411Z |
| CVE-2025-1680 |
0 (4.0)
|
An acceptance of extraneous untrusted data with t… |
Moxa |
TN-4500A Series |
2025-10-23T13:56:39.744Z | 2025-10-23T14:35:30.379Z |
| CVE-2025-26862 |
0 (4.0)
|
PingFederate unexpected browser flow initiation in red… |
Ping Identity |
PingFederate |
2025-10-27T14:39:41.284Z | 2025-10-27T14:48:11.544Z |
| CVE-2025-32696 |
0 (4.0)
|
"reupload-own" restriction can be bypassed by reverting file |
Wikimedia Foundation |
MediaWiki |
2025-04-10T18:28:48.161Z | 2025-11-03T19:53:33.707Z |
| CVE-2025-32697 |
0 (4.0)
|
Cascading protection is not preventing file reversions |
Wikimedia Foundation |
MediaWiki |
2025-04-10T18:29:17.482Z | 2025-04-10T19:05:48.098Z |
| CVE-2025-3469 |
0 (4.0)
|
i18n XSS vulnerability in HTMLMultiSelectField when se… |
Wikimedia Foundation |
MediaWiki |
2025-04-10T18:28:13.370Z | 2025-11-03T19:53:59.985Z |
| CVE-2025-3722 |
0 (4.0)
|
A path traversal vulnerability in System Informat… |
Trellix |
System Information Reporter |
2025-06-26T11:08:53.374Z | 2025-06-26T12:59:09.547Z |
| CVE-2025-3773 |
0 (4.0)
|
A sensitive information exposure vulnerability i… |
Trellix |
System Information Reporter |
2025-06-26T11:11:26.881Z | 2025-06-26T12:58:54.131Z |
| CVE-2025-49823 |
0 (3.1)
|
Conda Constructor Command Injection via Unsanitized Us… |
conda |
constructor |
2025-06-17T02:21:17.496Z | 2025-06-17T15:52:25.295Z |
| CVE-2025-61634 |
0 (4.0)
|
HTML rest endpoint needs PoolCounter and proper parser… |
Wikimedia Foundation |
MediaWiki |
2026-02-02T23:28:53.841Z | 2026-02-03T21:15:20.700Z |
| CVE-2025-61635 |
0 (4.0)
|
Add rate limiting to ApiFancyCaptchaReload |
Wikimedia Foundation |
ConfirmEdit |
2026-02-02T23:26:14.537Z | 2026-02-03T21:13:41.151Z |